Created by: gracewashere
Problem:
Our app doesn't directly depend on nokogiri - the test suite depends on Capybara, which in turn depends on Nokogiri.
Because of this, we should not have nokogiri
referenced explicitly in our Gemfile.
Commit 12e0db49 upgraded nokogiri by explicitly setting the desired version in the Gemfile.
Solution:
Several PRs (#285, #293) have used a different approach for upgrading Nokogiri, in order to get their build passing.
They ran bundle update nokogiri
without explicitly setting the desired version in the Gemfile.
The most recent version of nokogiri contains the required security fix,
so it solves the original problem.
This commit reverts the changes made in 12e0db49,
and updates nokogiri
using the standard bundle update nokogiri
approach.